CVE-2022-28944 (GCVE-0-2022-28944)

Vulnerability from cvelistv5 – Published: 2022-05-23 17:05 – Updated: 2024-08-03 06:10
VLAI?
Summary
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ¶¶ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://msi.com x_refsource_MISC
http://emco.com x_refsource_MISC
https://github.com/gerr-re/cve-2022-28944/blob/ma… x_refsource_MISC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:10:58.672Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://msi.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://emco.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. \u00b6\u00b6 Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-23T17:05:09.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://msi.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://emco.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-28944",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. \u00b6\u00b6 Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://msi.com",
              "refsource": "MISC",
              "url": "http://msi.com"
            },
            {
              "name": "http://emco.com",
              "refsource": "MISC",
              "url": "http://emco.com"
            },
            {
              "name": "https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf",
              "refsource": "MISC",
              "url": "https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-28944",
    "datePublished": "2022-05-23T17:05:09.000Z",
    "dateReserved": "2022-04-11T00:00:00.000Z",
    "dateUpdated": "2024-08-03T06:10:58.672Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-28944",
      "date": "2026-05-05",
      "epss": "0.10874",
      "percentile": "0.93416"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emcosoftware:msi_package_builder:9.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D69E8299-29C0-4621-8CFE-34EF07346185\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emcosoftware:network_inventory:5.8.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"984407E1-B474-43BE-878D-1375D2A6F967\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emcosoftware:network_software_scanner:2.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"823B76EF-D4D0-406E-9926-69786833C6A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emcosoftware:ping_monitor:8.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50549A02-466E-4B49-BB24-0C20874C612A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emcosoftware:remote_installer:6.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B189D2DE-16E8-4C32-BE9E-C45CB085B3B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emcosoftware:remote_shutdown:7.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AC0444D-B02A-4A32-836D-C1169FAB244E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emcosoftware:unlock_it:6.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D435F75-2887-4E47-9390-BAD507949DDC\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emcosoftware:wakeonlan:2.0.8:*:*:*:free:*:*:*\", \"matchCriteriaId\": \"EE9D5E0A-D00F-4BEA-8D1B-54A252EF0BF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:emcosoftware:wakeonlan:2.0.8:*:*:*:professional:*:*:*\", \"matchCriteriaId\": \"AE4BD0F1-EB96-4129-9159-12DDDC5F7441\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. \\u00b6\\u00b6 Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process.\"}, {\"lang\": \"es\", \"value\": \"Algunos productos de software de EMCO est\\u00e1n afectados por: CWE-494: Descarga de C\\u00f3digo sin Comprobaci\\u00f3n de Integridad. Esto afecta a MSI Package Builder para Windows versi\\u00f3n 9.1.4 y Remote Installer para Windows versi\\u00f3n 6.0.13 y Ping Monitor para Windows versi\\u00f3n 8.0.18 y Remote Shutdown para Windows versi\\u00f3n 7.2.2 y WakeOnLan versi\\u00f3n 2.0.8 y Network Inventory para Windows versi\\u00f3n 5.8.22 y Network Software Scanner para Windows versi\\u00f3n 2.0.8 y UnLock IT para Windows versi\\u00f3n 6.1.1. El impacto es: ejecutar c\\u00f3digo arbitrario (remoto). El componente es: Updater. El vector de ataque es: Para explotar esta vulnerabilidad, un usuario debe desencadenar una actualizaci\\u00f3n de una instalaci\\u00f3n afectada de EMCO Software. \\u00b6\\u00b6 M\\u00faltiples productos de EMCO Software est\\u00e1n afectados por una vulnerabilidad de ejecuci\\u00f3n de c\\u00f3digo remota durante el proceso de actualizaci\\u00f3n\"}]",
      "id": "CVE-2022-28944",
      "lastModified": "2024-11-21T06:58:13.553",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2022-05-23T18:16:11.997",
      "references": "[{\"url\": \"http://emco.com\", \"source\": \"cve@mitre.org\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://msi.com\", \"source\": \"cve@mitre.org\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://emco.com\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"http://msi.com\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-494\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-28944\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-05-23T18:16:11.997\",\"lastModified\":\"2024-11-21T06:58:13.553\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. \u00b6\u00b6 Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process.\"},{\"lang\":\"es\",\"value\":\"Algunos productos de software de EMCO est\u00e1n afectados por: CWE-494: Descarga de C\u00f3digo sin Comprobaci\u00f3n de Integridad. Esto afecta a MSI Package Builder para Windows versi\u00f3n 9.1.4 y Remote Installer para Windows versi\u00f3n 6.0.13 y Ping Monitor para Windows versi\u00f3n 8.0.18 y Remote Shutdown para Windows versi\u00f3n 7.2.2 y WakeOnLan versi\u00f3n 2.0.8 y Network Inventory para Windows versi\u00f3n 5.8.22 y Network Software Scanner para Windows versi\u00f3n 2.0.8 y UnLock IT para Windows versi\u00f3n 6.1.1. El impacto es: ejecutar c\u00f3digo arbitrario (remoto). El componente es: Updater. El vector de ataque es: Para explotar esta vulnerabilidad, un usuario debe desencadenar una actualizaci\u00f3n de una instalaci\u00f3n afectada de EMCO Software. \u00b6\u00b6 M\u00faltiples productos de EMCO Software est\u00e1n afectados por una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota durante el proceso de actualizaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-494\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emcosoftware:msi_package_builder:9.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D69E8299-29C0-4621-8CFE-34EF07346185\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emcosoftware:network_inventory:5.8.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"984407E1-B474-43BE-878D-1375D2A6F967\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emcosoftware:network_software_scanner:2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"823B76EF-D4D0-406E-9926-69786833C6A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emcosoftware:ping_monitor:8.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50549A02-466E-4B49-BB24-0C20874C612A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emcosoftware:remote_installer:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B189D2DE-16E8-4C32-BE9E-C45CB085B3B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emcosoftware:remote_shutdown:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AC0444D-B02A-4A32-836D-C1169FAB244E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emcosoftware:unlock_it:6.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D435F75-2887-4E47-9390-BAD507949DDC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emcosoftware:wakeonlan:2.0.8:*:*:*:free:*:*:*\",\"matchCriteriaId\":\"EE9D5E0A-D00F-4BEA-8D1B-54A252EF0BF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:emcosoftware:wakeonlan:2.0.8:*:*:*:professional:*:*:*\",\"matchCriteriaId\":\"AE4BD0F1-EB96-4129-9159-12DDDC5F7441\"}]}]}],\"references\":[{\"url\":\"http://emco.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://msi.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://emco.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://msi.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.